svn commit: r355061 - branches/2014Q2/security/vuxml
Koop Mast
kwm at FreeBSD.org
Sat May 24 17:37:05 UTC 2014
Author: kwm
Date: Sat May 24 17:37:04 2014
New Revision: 355061
URL: http://svnweb.freebsd.org/changeset/ports/355061
QAT: https://qat.redports.org/buildarchive/r355061/
Log:
MFH: r355040
Document a bunch of openjpeg vulnabilities.
Approved by: portmgr (erwin@)
Modified:
branches/2014Q2/security/vuxml/vuln.xml
Directory Properties:
branches/2014Q2/ (props changed)
Modified: branches/2014Q2/security/vuxml/vuln.xml
==============================================================================
--- branches/2014Q2/security/vuxml/vuln.xml Sat May 24 17:31:34 2014 (r355060)
+++ branches/2014Q2/security/vuxml/vuln.xml Sat May 24 17:37:04 2014 (r355061)
@@ -51,6 +51,48 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="02db20d7-e34a-11e3-bd92-bcaec565249c">
+ <topic>openjpeg -- Multiple vulnabilities</topic>
+ <affects>
+ <package>
+ <name>openjpeg</name>
+ <range><lt>1.5.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Openjpeg release notes report:</p>
+ <blockquote cite="http://openjpeg.googlecode.com/svn/tags/version.1.5.1/NEWS">
+ <p>That CVE-2012-3535 and CVE-2012-3358 are fixed in the 1.5.1
+ release.</p>
+ </blockquote>
+ <blockquote cite="http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS">
+ <p>That CVE-2013-4289, CVE-2013-4290, CVE-2013-1447, CVE-2013-6045,
+ CVE-2013-6052, CVE-2013-6054, CVE-2013-6053, CVE-2013-6887,
+ where fixed in the 1.5.2 release.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-3358</cvename>
+ <cvename>CVE-2012-3535</cvename>
+ <cvename>CVE-2013-1447</cvename>
+ <cvename>CVE-2013-4289</cvename>
+ <cvename>CVE-2013-4290</cvename>
+ <cvename>CVE-2013-6045</cvename>
+ <cvename>CVE-2013-6052</cvename>
+ <cvename>CVE-2013-6053</cvename>
+ <cvename>CVE-2013-6054</cvename>
+ <cvename>CVE-2013-6887</cvename>
+ <url>http://openjpeg.googlecode.com/svn/tags/version.1.5.1/NEWS</url>
+ <url>http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS</url>
+ </references>
+ <dates>
+ <discovery>2012-05-13</discovery>
+ <entry>2014-05-24</entry>
+ </dates>
+ </vuln>
+
<vuln vid="64f3872b-e05d-11e3-9dd4-00262d5ed8ee">
<topic>chromium -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list